- 漏洞信息

Android Web Browser Unspecified Remote Code Execution Vulnerability
Unknown 31946
Yes No
2008-10-24 12:00:00 2008-10-28 06:36:00
Charlie Miller, Mark Daniel, and Jake Honoroff

- 受影响的程序版本

HTC T-Mobile G1 0
Google Android 0

- 漏洞讨论

Android Web Browser is prone to an unspecified remote code-execution vulnerability.

Successful exploits allow attackers to execute arbitrary code in the context of the browser. Note that attackers can exploit this issue to compromise only the browser, which may result in information-disclosure attacks.

Reportedly, this issue stems from an older vulnerability in one of the third-party packages used by Android. No further details are currently available. We will update or retire this BID when more information emerges.

NOTE: The HTC T-Mobile G1 phone ships with a vulnerable version of Android and is also affected by this issue.

- 漏洞利用

The researchers who reported this issue have developed a working exploit. This exploit is not publicly available or known to be circulating in the wild.

- 解决方案

Reportedly the issue has been fixed in the open-source version of the application. Symantec was unable to confirm this information.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站